[HN Gopher] Modoboa - Open Source email server
___________________________________________________________________
Modoboa - Open Source email server
Author : thunderbong
Score : 97 points
Date : 2021-09-19 10:08 UTC (12 hours ago)
(HTM) web link (modoboa.org)
(TXT) w3m dump (modoboa.org)
| nixpulvis wrote:
| I'm still kinda stuck not trusting dynamic DNS, am I wrong?
|
| Self-hosting for me really should include the hardware. Still a
| hosted service I control updates and interface options for would
| be an improvement over gmail I suppose. I hate their webmail
| interface a lot.
| dsr_ wrote:
| In what way don't you trust dynamic DNS?
|
| It's just a method for updating DNS records. It can be done by
| a free service, by a paid service, or by your own DNS server.
| nixpulvis wrote:
| Right, so another point of failure on top of my ISP. Not to
| mention that I don't understand the propagation delays impact
| on delivery well enough, but I'm assuming it's unacceptable.
|
| Maybe if I paid for a business class service I could get a
| nice static IP... one day perhaps.
| dsr_ wrote:
| The propagation rate for DNS is beyond anyone's control:
| TTL is advisory, not mandatory. But SMTP has MX records,
| which implement preference. If you have two SMTP receivers
| on different networks, it's unlikely that both of them are
| changing IPs at the same time.
|
| If one of those is a paid-for VM, it's probably static, so
| it will not change IP barring business reasons. $5/month
| gets you a reasonable VM from any of many different
| service.
| 3np wrote:
| You can always have a smallest-instance VM on your
| cloud/hosing provider of choice just for the IP and proxy
| all in- and outgoing traffic through there.
|
| You can get fancy with SMTP proxy that can hold on to
| undelivered messages if you want, or just use haproxy/nginx
| plus proxychains/tsocks.
| nix23 wrote:
| Dont use dynamic dns for a email server...big NONO
| brink wrote:
| How is deliverability on a self-hosted solution like this? The
| only thing that keeps me from self hosting is I'm worried about
| running into spam filter issues when trying to deliver email from
| an unknown source.
| wvh wrote:
| I've hosted my own email server for years; I coincidentally
| shut it down yesterday.
|
| Once you've got it set up properly, deliverability is quite
| good. The main problem is having to monitor blacklists, spam
| and account brute-force attacks, and typical issues with
| infrastructure such as disk space or DNS. Rarely anything goes
| wrong, but when it does, it will be at the most inconvenient
| time and you'll have no option but to fix it if you want to
| keep receiving email. Out of principle, I believe any
| individual should be able to self-host, but at the same time, I
| don't have the time and interest anymore to babysit servers for
| personal use. So you probably want to weigh those two things
| according to your own situation.
|
| The main issue these days is finding providers that allow
| running open mail servers and yet are not blackholed because of
| IP range sender reputation. A lot of the cheaper server
| providers have to fight relatively lot of abuse so you're stuck
| between a rock and a hard place having to convince both your
| own provider as well as the mail servers you send to of your
| good intentions. There should probably be a provider aimed
| specifically at email servers that takes extra care it has IP
| ranges that never host spammers, cryptocurrency, tor nodes,
| botnets and whatnot.
| kappuchino wrote:
| I have switched from zimbra (community) to MailInABox
| (https://mailinabox.email) and can say that a cheap five euros
| per month ssd-shared-4-virtual-cpu can manage as much as
| 1000nds of mails per day in and out for dozens of users with
| ease. So far I had not issues with spam classification, also
| due using a .de and .net email domain. (See stories about the
| infamous .xyz domains for reference) I tried Modoboa as well,
| but got stuck with the (lets encrypt) cerificate renewal
| process at that time - might be I did something wrong, don't
| know. Now everything runs automatic and smooth.
| radiac wrote:
| I self hosted for myself and some clients for years. As long as
| you set up everything correctly it's fairly pain-free, but it's
| definitely worth getting on as many abuse notification lists as
| you can find - I wasn't doing anything remotely spam-related
| but still got blacklisted by hotmail twice and some other
| places a couple of times; as I remember it getting cleared was
| just a case of jumping through a few hoops, but I still needed
| to find out about the problem before my clients did, and find
| the hoops to jump through (which was never easy).
|
| I found the main issue was maintenance. Once it was set up it
| didn't need too much poking, but I was still responsible for my
| own downtime and backup, and every few years I'd need to move
| it to a new server. I ran a secondary relay so at least
| migrating without downtime was relatively easy, but it was
| still a multi-day process while I moved configurations, rules
| and mail across, waited to trust DNS propagation etc. And in
| the back of my mind if someone didn't reply in a timely manner,
| I couldn't ever stop wondering if I'd missed a blacklist
| somewhere, or if a provider had just decided to spambin
| everything from my IP.
|
| The other pain point was that as it was a necessary service
| rather than something that generated profit, I didn't want to
| put any serious time into improving things for myself. That
| meant I was using IMAP+Thunderbird with whatever shonky open
| source webmail-du-jour I'd set up on the server that year,
| combined with various shell scripts and notes in wikis about
| how to manage users, forwarding rules etc. It worked, but it
| was never easy, and was never slick.
|
| After I took a job where we all used gmail, I got used to
| things being easy and slick, and decided to stop self-hosting
| and move my mail to dedicated mail providers (fastmail and
| sendgrid in my case, ymmv). Haven't looked back.
|
| Self hosting you mail is something I'd recommend doing once for
| fun to see how it all works, but unless you have a clear and
| definite reason to go it alone, it's definitely worth paying
| someone else to do it for you.
| baobabKoodaa wrote:
| > As long as you set up everything correctly it's fairly
| pain-free
|
| This is not true. Maybe you got it working for you (or maybe
| you never really measured your deliverability), but as a
| general advice that's just wrong. I've run my own email
| server for years and I've found it extremely difficult to get
| deliverability to Outlook and Gmail. You won't even get
| access to their deliverability debugging tools unless you
| send large volumes of email. Perversely, a small-volume
| sender is more likely to be classified as spam than a large-
| volume sender.
| radiac wrote:
| I think it's one of those ymmv issues - it probably comes
| down to a wide range of factors us general public will
| never get details of, by design. As I mentioned, I did of
| course experience some deliverability issues over the ~20
| years I ran the servers for, but ongoing confidence in
| current deliverability didn't stop me worrying about it
| degrading in the future, which is why I ultimately shut the
| servers down while things were still working.
|
| Regardless, as I said in my original comment, these days
| running a mailserver for fun is fine, but for anything
| remotely serious - unless you have a very good reason for
| it and really know what you're doing - use a third party.
| baobabKoodaa wrote:
| > How is deliverability on a self-hosted solution like this?
|
| It's extremely difficult to deliver email to Outlook and Gmail
| Inboxes from a self-hosted solution on a cloud (or residential)
| IP address. I wrote more about my experience here:
| https://www.attejuvonen.fi/dont-send-email-from-your-own-ser...
| abdullahkhalids wrote:
| I am part of a small non-profit online workshop organization.
| We have a small hetzner server to host our email server. I
| don't think we ever had any trouble with email delivery in the
| year we have run it.
|
| I also set my personal email server (mailinabox on the cheapest
| hetzner server) last month. All my emails were accepted. Only
| some exchange emails to my friends were initially sent to spam,
| but after asking them to mark the emails as not spam, and them
| replying to me a few times, I have not had further delivery
| issues.
|
| I did have some weird kurfufle with dns last week, where my
| domain would not resolve. There was some notice on the
| namecheap website about some dns outage, but it has disappeared
| since then and I was too busy to explore then. I just spent
| yesterday resetting everything in namecheap configuration after
| which everything started working again.
| [deleted]
| oskapt wrote:
| I've run my own mail server for decades, and if you set up SPF
| and DMARC correctly, you won't have any real issues. The
| biggest problem I had over the years was with outlook.com
| blacklisting all of AWS as spam IP space, but once I contacted
| them and explained what I was doing, they investigated and
| whitelisted my elastic IP address.
| codetrotter wrote:
| What software do you use for your mail server and client? I'm
| looking to replace my current self-hosted setup with
| something else.
|
| Currently I am running Postfix on my FreeBSD server, and not
| using SpamAssasin. I've had this setup for years and it's
| less than ideal but it's at the point where it's been hard to
| justify the time I'd have to spend setting up a better
| configuration.
|
| I ssh into the server and read mail using mutt. I also have
| notmuch installed but only use it a little bit now and then
| and still relying primarily on mutt. I'm not really happy
| about mutt either. It's neat in its own way but it's also a
| bit of a drag to use and even though I enjoy using the
| command line I don't feel like mutt is really a good fit for
| how I would like to use mail.
|
| Ideally I think I'd want something similar to how some of the
| features of GMail work, but mainly in terms of tagging and
| filtering. As for a web based interface, I don't want that
| part really. But still very much interested in knowing of web
| interfaces too from people that use them and like them.
|
| But most of all, what I am looking for is a server that has
| good and easy to use filtering, that is open source and runs
| on FreeBSD or Linux, and native clients for macOS and iOS
| that integrate well with the server including the tagging and
| filtering stuff.
| na85 wrote:
| I have a dovecot+postfix+rspamd setup and I read my mail
| with apple mail.app, thunderbird, and FairEmail on my
| phone. That latter app is excellent and I highly recommend.
| RcouF1uZ4gsC wrote:
| > I've run my own mail server for decades, and if you set up
| SPF and DMARC correctly, you won't have any real issues.
|
| I wonder if the fact that you have done it for decades helps
| with you avoiding spam filters. This may not be the
| experience for someone who newly sets up their own email
| server.
| indymike wrote:
| > This may not be the experience for someone who newly sets
| up their own email server.
|
| I've set up mail servers many times over many decades and
| it's not as hard as a lot of people think. For a reasonably
| secured and maintained personal server, you'll have to
| learn about SPF, DMARC, and do more detailed DNS setup than
| you do to get a quick website up, but once up, everything
| should go well... so long as you and your family behave.
|
| For businesses, especially those with enthusiastic
| marketing teams, it's harder because all it takes is a a
| bug in some transactional email code, or a bad email from a
| well meaning sales rep to some email list from a "digital
| marketing" forum to completely wreck your server's
| reputation.
| na85 wrote:
| >For businesses, especially those with enthusiastic
| marketing teams, it's harder because all it takes is a a
| bug in some transactional email code, or a bad email from
| a well meaning sales rep to some email list from a
| "digital marketing" forum to completely wreck your
| server's reputation.
|
| Working as intended if you ask me.
| vbezhenar wrote:
| I think that IP address reputation is the biggest factor in
| mail deliverability for small servers. So when you've
| bought new VPS, it will be hit or miss, whether your IPv4
| address was used maliciously before or not.
| pbhjpbhj wrote:
| This comes up quite regularly, some of us have had major
| deliverability problems with SPF and DMARC and DKIM all set
| up. There are, it appears, other factors outside of one's
| control -- for me it was (at the time) MS apparently wouldn't
| receive my email (that was whitelisted, and from a 15yo
| domain with < one email per week outbound to Live.com)
| because a ip4 address of a server (not the one I was using)
| currently hosted by my hosting provider had previously been
| used for spam. There was no efficient way for me to move
| hosting provider and know that the same situation wouldn't be
| true, so I signed up for a new @live.com address and send
| emails to MS domains through that from my MUA (Thunderbird).
|
| At that time MS had a third party that managed this, you
| could pay them to do something that would basically get you
| whitelisted; but this was for an SME and the cost was
| prohibitive for the potential benefit.
|
| If you moved server on AWS presumably you'd have to go the
| same route again - who did you contact? - would you be 100%
| confident you'd get whitelisted?
| ancarda wrote:
| How did you know to contact Microsoft to have them whitelist
| your IP? Was that from a DMARC report?
|
| This is the sort of thing that puts me off self-hosting
| email, as much as I'd like to do it -- it seems like a huge
| amount of effort, tracking down who I need to shout at this
| week to have them whitelist my IP address.
| heipei wrote:
| Microsoft doesn't send DMARC reports which made discovering
| delivery issues all the more problematic.
| cube00 wrote:
| If you get caught by this you can request "delivery
| mitigation" (i.e. removal from their IP blacklist) here:
|
| http://go.microsoft.com/fwlink/?LinkID=614866
|
| You can also join the "Smart Network Data Service" (SNDS)
| program, which can alert you in the future if you are re-
| listed and sometimes will provide additional information
| about why the IP has been listed.
|
| https://postmaster.live.com/snds/addnetwork.aspx
| baobabKoodaa wrote:
| > If you get caught by this you can request "delivery
| mitigation" (i.e. removal from their IP blacklist) here:
| http://go.microsoft.com/fwlink/?LinkID=614866
|
| Microsoft only provides delivery mitigation for large-
| volume senders. Small-volume senders (i.e. not spam
| senders) will not be provided delivery mitigation. That's
| from my personal experience anyway.
|
| > You can also join the "Smart Network Data Service" (SNDS)
| program, which can alert you in the future if you are re-
| listed and sometimes will provide additional information
| about why the IP has been listed.
|
| Unless you are a large-volume sender, you will not be able
| to get ANY information out of SNDS.
| eikenberry wrote:
| Depends who you are trying to send email to. There are email
| providers that use IP blacklist maintainers that require you
| to pay a fee to keep off their blacklist if you are not a big
| provider (eg. they blacklist all VPS hosting companies). This
| was the final straw that had me switch to using a provider
| for SMTP (not MX, I run it still).
| mgbmtl wrote:
| I run my own small-company mail server with 10 high-use
| accounts (using Zimbra, but it's mostly dead, so looking for
| alternatives).
|
| We lease small /29 blocks from OVH for our various services.
| Haven't had many issues in the past 5 years, except once when a
| user was hacked and spam was sent. 48h later things were back
| to normal.
| nix23 wrote:
| SOGo instead of Zimbra?
| foolinaround wrote:
| this is indeed a big roadblock to self-hosting.
|
| There needs to be a seperate service provider that offers this
| expertise possibly for a fee.
| cube00 wrote:
| It's not so much expertise you need, you need the mail
| services to "trust" your address with reputation. If other
| providers take the hard line that Microsoft are taking now
| (550 refusals by default for unknown IPs) then using mail
| rely services like MailGun may be the only alternative for
| self hosting that only sends a few emails a year.
| na85 wrote:
| I don't run TFmailserver but I self-host a postfix+dovecot
| setup and deliverability has been good so far.
|
| I'm willing to try shooting you an email and we'll see if it
| arrives.
| raegis wrote:
| I'm been running a mail server on my personal domain for 20
| years. The hosting provider is key. One well-known hosting
| provider I used to use had lots of IPs on the e-mail
| blacklists. I found a slightly less well-known provider without
| this problem.
|
| I test sending and receiving to Gmail accounts and Microsoft
| 365(?) accounts, and they all seem to work fine if I just
| configure reverse DNS, ipv6, and TLS (certificates from Let's
| Encrypt) correctly. I use Postfix. When I e-mail bomb (40
| emails or so) from a Moodle server, sometimes emails show up in
| spam folders on Microsoft servers, but that's the worst of it.
| greggh wrote:
| I've run my own for about 4 years now with mail-in-a-box. It's
| on digital ocean, and it delivers fine to everyone. Like others
| have said, you just have to watch the lists to see if you end
| up in a block of IPs that gets blacklisted. It has only
| happened to me once, and like everyone else, it was outlook.com
| / live. It only took a couple days to get fixed.
|
| With mail-in-a-box you also get Nextcloud for the users, and
| have a nice google drive replacement with the Nextcloud client.
| baobabKoodaa wrote:
| > I've run my own for about 4 years now with mail-in-a-box.
| It's on digital ocean, and it delivers fine to everyone. Like
| others have said, you just have to watch the lists to see if
| you end up in a block of IPs that gets blacklisted
|
| This is not true. I've also run my own server for several yes
| (on AWS), I've never seen the IP on any blacklists, and yet
| my deliverability to Outlook and Gmail is extremely bad (I've
| since moved on to using Postmark for sending emails).
| superkuh wrote:
| This is just a python (>3.7) wrapper around postfix and dovecot.
| It is not a open source email server. It is an open source email
| server management tool. And that's cool, but not what it says on
| the box.
| mgbmtl wrote:
| This looks nice. So many solutions only have half-baked or over-
| complicated solutions for calendars. Zimbra was nice, until they
| were sold and stopped being FOSS.
|
| Does Modoboa support sharing of calendars? (so that I can see if
| my colleagues are available for a meeting)
|
| I notice the website says the past release was in 2020, but on
| GitHub a new 2.0 beta tag was added a few days ago. Looking
| forward to testing it.
| hardwaresofton wrote:
| There are some really interesting choices for F/OSS email servers
| these days. There are SMTP+IMAP:
|
| - maddy[0] (I use this)
|
| - chasquid[1]
|
| - docker-mailserver[2]
|
| And combinations:
|
| - haraka[3]/ZoneMTA[4] (SMTP) + wilduck[5] (IMAP)
|
| Modoboa brings something new in that it bundles together the
| frontend but I'm very happy with Thunderbird (and there are other
| frontends like Sogo) -- the competition is stiff and modoboa
| really could use a front-and center image of what the app looks
| like on the main page.
|
| [EDIT] I forgot two!
|
| - iredmail (https://www.iredmail.org/download.html)
|
| - Apache James (https://james.apache.org/)
|
| [0]: https://maddy.email/
|
| [1]: https://github.com/albertito/chasquid
|
| [2]: https://github.com/docker-mailserver/docker-mailserver
|
| [3]: https://haraka.github.io
|
| [4]: https://github.com/zone-eu/zone-mta
|
| [5]: https://wildduck.email/
| selfhoster11 wrote:
| Don't forget the largest two contenters in the room, mailcow
| and Mail in a Box.
| kiryin wrote:
| In my experience of +15 years of hosting my own email server,
| being successful at delivering and receiving mail is a matter of
| luck rather than knowledge or correctness of execution. Obviously
| you have to configure DMARC and such or there will be nothing but
| trouble, but even if you do every little thing by the book, or
| alternatively use one of these kitchen-sink solutions, there's
| still a good chance you will have problems sooner or later. Bad
| IP, bad IP range, changing IP, bad domain/registrar (!?!?!) or
| some kind of weird automated flagging system can and often will
| get in your way, and gmail/outlook will not reply to your support
| ticket or investigate the matter at all whatsoever. Look forward
| to changing VPS providers and domains until it works, and then
| stick to that setup like your life depended on it.
| eikenberry wrote:
| IMO the simple fix is to host the incoming MX servers and use a
| service for the outgoing SMTP. The latter is available for very
| cheap and the former is what you really care about hosting.
| nix23 wrote:
| >gmail/outlook
|
| You can both let your domain whitelist with a google/microsoft
| account.
| em-bee wrote:
| i found this resource for google, which suggests that google
| does offer any kind of whitelisting, but it contains a bunch
| of things to look into that may help to get mails accepted.
|
| https://support.google.com/mail/thread/5166415/my-domain-
| ema...
| nix23 wrote:
| Well it's not whitelisting, you just tell google that this
| sending domain is yours...kind of, never had a non
| delivered/spam message on the customer side...however it's
| bad that google has a nearly monopoly over email.
| yewenjie wrote:
| Is there a lightweight email server that runs on less than 512 MB
| of RAM?
| upofadown wrote:
| Most any of them? The server itself tends to be quite small.
| yewenjie wrote:
| I see. All the all-in-one solutions that I have seen so far
| require way more RAM though. Maybe I can cut down by going
| low-level, but I have to understand how email works first
| then.
| selfhoster11 wrote:
| Mail in a Box requires around 512MB to 1GB of RAM and it's
| a decent all-in-one solution. I currently run it on a very
| small DigitalOcean VM.
| dschulz wrote:
| "Regain your independence and protect your privacy by installing
| your own email server. It takes less than 10 minutes!"
|
| Well, I just spent more than 10 minutes and couldn't even find a
| download link. There's nothing in the page that suggests it's an
| actual free and/or open-source project.
| h3rsko wrote:
| https://modoboa.readthedocs.io/en/latest/installation.html
___________________________________________________________________
(page generated 2021-09-19 23:01 UTC)